The operating system must employ automated mechanisms, per organization-defined frequency, to detect the addition of unauthorized components/devices into the operating system.
An XCCDF Rule
Description
<VulnDiscussion>Addition of unauthorized code or packages may result in data corruption or theft.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-219970r958794_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
The Software Installation Profile is required.
Review and report any unauthorized package installation operations.
If necessary, remove unauthorized packages.